SMG for B2B - PowerPoint PPT Presentation

About This Presentation
Title:

SMG for B2B

Description:

A proposal for Wisconsin collaboration on secure Internet E-mail. 9/10/04 ... Secure Multipurpose Internet Mail Extensions (S/MIME) supported by major E-mail systems ...

Slides: 35
Provided by: DHF76

Transcript and Presenter's Notes


1
SMG for B2B
  • A proposal for Wisconsin collaboration on secure
    Internet E-mail

2
SMG for B2B
Why do we need secure Email?
3
SMG for B2B
Why do we need secure Internet E-mail?
  • E-mail is rapid, efficient, documented
    communication
  • Integral part of the business fabric
  • Some E-mails are sensitive
  • Internet E-mail exposed
  • HIPAA impermissible disclosure

4
SMG for B2B
What are the business requirements?
  • Encryption
  • B2B vs B2C
  • E-mail system integration
  • Simplicity of use
  • Business rule enforcement
  • Allow virus, spam and content filtering
  • Record management

5
SMG for B2B
What are the business requirements?
  • Collaboration
  • Choice
  • Future requirements
  • Authentication
  • Digital signatures (AB755)
  • Proof of receipt
  • Nonrepudiation

6
SMG for B2B
A solid technology base exists
  • PKI
  • it works
  • addresses all requirements
  • Secure Multipurpose Internet Mail Extensions
    (S/MIME)
  • supported by major E-mail systems
  • predicted long term solution
  • Standard for WI State agencies

7
SMG for B2B
The Achilles heel of PKI
  • Administration of keys
  • Confusing for users
  • Burdensome for technical staff
  • Revocations, expirations
  • Trust

8
SMG for B2B
Desktop-to-Desktop (End-to-End)
[Diagram: E-mail client, Interior Firewall, E-mail server, Exterior Firewall, Internet, Exterior Firewall; labels: Client encrypts, Client decrypts, S/MIME, PGP]
9
SMG for B2B
Desktop-to-Desktop
  • Need only major E-mail software (+)
  • Zillions of keys (-)
  • Keys on desktops (-)
  • Users control decryption (-)
  • Can't check for viruses or filter content on
    encrypted messages (-)

10
SMG for B2B
Gateway-to-Gateway encryption
  • Server-to-server
  • Domain-to-domain
  • Organization-to-organization

11
SMG for B2B
Gateway-to-Gateway
[Diagram: E-mail client, Interior Firewall, E-mail server, Secure Messaging Gateway (Encryption/Decryption; filtering, anti-virus, archiving, etc. services), Exterior Firewall, Internet, Exterior Firewall; link label: S/MIME, SSL/TLS]
12
SMG for B2B
S/MIME Gateway-to-Gateway
  • Many fewer keys (+)
  • Simple for users (+)
  • Messages decrypted within the organization (+)
  • E-mails stored on the organization's servers (+)
  • Virus checking and content filtering (+)
  • Applications can use gateways for messaging (+)
  • Trust at the organizational level (-)

13
SMG for B2B
SSL/TLS Gateway-to-Gateway
  • Excellent for internal server-to-server links (+)
  • Inadequate where E-mail relayed thru non-secure
    servers (-)
  • TLS may only protect the first link (-)
  • Fails where orgs use outsourced mail relays for
    spam filtering, etc (-)
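
An added example, not part of the original presentation: one way to see the slide's point that TLS may only protect the first link is to read the Received headers of a delivered message and check each hop's `with` protocol type (ESMTPS and similar, per RFC 3848). The message, host names and addresses are constructed; the middle host stands in for an outsourced filtering relay.

```python
import re
from email import message_from_string

# "with" protocol types that indicate TLS on that hop (RFC 3848, RFC 6531).
TLS_TYPES = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA",
             "UTF8SMTPS", "UTF8SMTPSA", "UTF8LMTPS", "UTF8LMTPSA"}

# Constructed sample message: host names are placeholders, not from the deck.
SAMPLE = """\
Received: from filter.relay.example (filter.relay.example [192.0.2.30])
\tby mx.recipient.example with ESMTP id C3; Fri, 10 Sep 2004 10:00:05 -0500
Received: from gw.sender.example (gw.sender.example [192.0.2.20])
\tby filter.relay.example with ESMTPS id B2; Fri, 10 Sep 2004 10:00:03 -0500
Received: from desk.sender.example (desk.sender.example [192.0.2.10])
\tby gw.sender.example with ESMTP id A1; Fri, 10 Sep 2004 10:00:01 -0500
From: a@sender.example
To: b@recipient.example
Subject: constructed test

body
"""

HOP = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.S | re.I)

def hops(raw):
    """Return hops in travel order as (from_host, by_host, protocol, tls)."""
    msg = message_from_string(raw)
    out = []
    # Each relay prepends its header, so the list is newest-first; reverse it.
    for value in reversed(msg.get_all("Received", [])):
        m = HOP.search(value)
        if m:
            proto = m.group(3).upper()
            out.append((m.group(1), m.group(2), proto, proto in TLS_TYPES))
    return out

def cleartext_hops(raw):
    """Hops whose receiving server did not record a TLS protocol type."""
    return [(f, b) for f, b, _, tls in hops(raw) if not tls]

if __name__ == "__main__":
    for f, b, proto, tls in hops(SAMPLE):
        print(f"{f} -> {b}: {proto} ({'TLS' if tls else 'no TLS recorded'})")
```

Received headers are written by each relay, so only the entries added by servers you operate or trust are reliable evidence of how a hop was protected.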

14
SMG for B2B
Secure Web Mail
[Diagram: E-mail client, Interior Firewall, E-mail server, Web Mail Server, Exterior Firewall, Internet, Exterior Firewall]
15
SMG for B2B
Secure Web Mail
[Diagram: E-mail client, Interior Firewall, E-mail server, Web Mail Server, Exterior Firewall, Internet, Exterior Firewall; step shown: 1- send E-mail as usual]
16
SMG for B2B
Secure Web Mail
[Diagram: E-mail client, Interior Firewall, E-mail server, Web Mail Server, Exterior Firewall, Internet, Exterior Firewall; steps shown: 1- send E-mail as usual; 2- set clue and password]
17
SMG for B2B
Secure Web Mail
[Diagram: E-mail client, Interior Firewall, E-mail server, Web Mail Server, Exterior Firewall, Internet, Exterior Firewall; steps shown: 1- send E-mail as usual; 2- set clue and password; 3- send E-mail with url]
18
SMG for B2B
Secure Web Mail
[Diagram: E-mail client, Interior Firewall, E-mail server, Web Mail Server, Exterior Firewall, Internet, Exterior Firewall; steps shown: 1- send E-mail as usual; 2- set clue and password; 3- send E-mail with url]
19
SMG for B2B
Secure Web Mail
[Diagram: E-mail client, Interior Firewall, E-mail server, Web Mail Server, Exterior Firewall, Internet, Exterior Firewall; link label: SSL; step shown: 4- Sender provides clue and passphrase]
20
SMG for B2B
Secure Web Mail
[Diagram: E-mail client, Interior Firewall, E-mail server, Web Mail Server, Exterior Firewall, Internet, Exterior Firewall; link label: SSL; steps shown: 4- Sender provides clue and passphrase; 5- User accesses secure web-site]
21
SMG for B2B
Secure Web Mail
  • Recipient uses browser (-)
  • No key management (+)
  • Send message management via E-mail system varies
    (-)
  • Clue and passphrase management (-)
  • Message resides on sender's server (-)
  • Recipient cannot virus scan or filter content
    (-)
  • Identification, proof of receipt, non-repudiation
    limited (-)
  • Good for B2C, 1:m, not m:n

22
SMG for B2B
HTML Attachment
[Diagram: E-mail client, E-mail server, Server, Exterior Firewall, Internet, Exterior Firewall; step shown: 1- send E-mail as usual]
23
SMG for B2B
HTML Attachment
[Diagram: E-mail client, E-mail server, Appliance, Exterior Firewall, Internet, Exterior Firewall; steps shown: 1- send E-mail as usual; 2- Sender provides identifying info]
24
SMG for B2B
HTML Attachment
[Diagram: E-mail client, E-mail server, Appliance, Exterior Firewall, Internet, Exterior Firewall; steps shown: 1- send E-mail as usual; 2- Sender provides identifying info; 3- Appliance encrypts in HTML attachment and sends as normal E-mail]
25
SMG for B2B
HTML Attachment
[Diagram: E-mail client, E-mail server, Appliance, Exterior Firewall, Internet, Exterior Firewall; steps shown: 1- send E-mail as usual; 2- Sender provides identifying info; 3- Appliance encrypts in HTML attachment and sends as normal E-mail; 4- Java authenticates, decrypts]
26
SMG for B2B
HTML Attachment
  • Recipient only needs browser (+)
  • Recipient and sender use E-mail system for
    message management (+)
  • Proof of receipt sometimes supported (+)
  • Senders can control message after receipt (-)
  • No virus checking or content filtering (-)

27
SMG for B2B
Why is Gateway-to-Gateway best?
  • S/MIME and PKI robust and ubiquitous
  • Experts recommend it
  • Eventual individual authentication
  • E-mail system integration
  • Workable interim solution
  • Supports virus checking and content filtering
  • Works between organizations
  • Some products also support B2C (e.g. Secure Web
    Mail)

28
SMG for B2B
The Challenge: Interoperability
29
SMG for B2B
The Challenge: Interoperability
30
SMG for B2B
The Challenge: Interoperability
  • Choice of vendors based on standards
  • March 2001 Health Key Summit
  • New Zealand SEE Mail initiative (40 agencies)
  • Massachusetts Health Data Consortium
  • The Open Group (Unix, LDAP, CORBA, WAP)

31
SMG for B2B
SMG Gateway Message Profile
  • Profile of S/MIME Version 3.1 Message
    Specification MSG31
  • Standard message format
  • Message processing conventions
  • Simple mechanism for Domain Certificate exchange

32
SMG for B2B
S/MIME Gateway Product Certification
  • Now certifying vendors
      • www.opengroup.org/smg/cert/
  • Vendors active in developing the profile
      • Tumbleweed (certified)
      • Syntegra (certified)
      • Sigaba
      • PostX
      • MailQube
  • Vendors announcing intent
      • NetIQ
      • ZixCorp

33
SMG for B2B
Wisconsin Government Action
  • WI State agency E-mail consolidation RFP
  • Capable of supporting SMG
  • Later RFP for archiving, secure E-mail etc
  • UW Secure E-mail group
  • HMOs and Medicaid

34
SMG for B2B
A Modest Proposal for HIPAA COW
  • Endorsement of the SMG Gateway Message Profile as
    the recommended B2B secure Internet E-mail
    approach for health care entities in WI